1. Field of the Invention
This invention relates to the field of data processing systems. More particularly, this invention relates to the validation of the installation of a computer program on a computer.
2. Background of the Invention
It is known to provide computer programs, such as malware scanners, that serve to protect a computer from various security threats, such as computer viruses, worms, Trojans, etc. A problem with such malware scanners is that for various reasons, such as maintenance or diagnostics, they may be temporarily disabled and in this state may themselves be subject to malicious alteration by malware. Furthermore, as new types of malware are released into the wild, some of these may be capable of maliciously altering the malware scanner even whilst it is enabled until the malware scanner is updated to include appropriate counter-measures. If the malware scanner itself becomes infected with malware, this can be a significant problem as the malware scanner typically has high level access within the system and may be capable of spreading a malware infection widely throughout an entire computer system. For this reason, it is strongly desirable to have a mechanism which counters the malicious alteration of a malware scanner.
It is known to provide a malware scanner that checks its own executable file for modification before it runs. However, such protection relies upon the executable file only being modified rather than replaced and is vulnerable to various types of malware attack.
Measures which can enhance security against the malicious alteration of an installed computer program are strongly desirable.